General

  • Target

    2daf9f0a1efeddf61ad131bb0ad55057_JaffaCakes118

  • Size

    334KB

  • Sample

    240708-y6zf2sxbnn

  • MD5

    2daf9f0a1efeddf61ad131bb0ad55057

  • SHA1

    902658788b2471393bf8129d86323b15ce9b344d

  • SHA256

    b47cba80a43f6f817aac64184597d953e86f8000460b2185ae0751509ab335eb

  • SHA512

    8ef3b4352891ecf99809ea45220bb89bc21042b7a68772912d901bdaca82290abb11ab9748dc9d269cb5ba245a501f0862c7ff3c7587a9438947778e08c3f8f2

  • SSDEEP

    6144:QISpMp5s2xhZMaJTXPiap/ZMiPC0i7r4JdqJ8+RPGgmT5xNxESkO+bY:jS2NXZvt6aTMR7rIdqJrRMXEPOH

Malware Config

Targets

    • Target

      Boleto-10-2011.com

    • Size

      353KB

    • MD5

      681abf81004f57b2930a7fade361c160

    • SHA1

      43707fceb0fda0045e2ad1522375f66a25a9a5ad

    • SHA256

      7e07c36e47c45f16faf8f41e4805396dc99445a3c563258d9a6ed65b638e073a

    • SHA512

      15ad726644ffb33279afe2beef362de6f077247e6487b589bcffebb45ab00608286448d0d02c16ef4c3c486dee374e9fc95988641f3c4702be7e442494178585

    • SSDEEP

      6144:uAkg2vhVMaJTXPiap/ZMUxgdUCxlZn+aC1meyUGimMxSkOZbX:u02ZVvx6aTMLX/5W1meyUGp8POt

    • UAC bypass

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
